How can I get fragment value from server side?

Question

My url is:

http://localhost:4567/Test/Callback#state=test&access_token=....

But when calling Request.Url.ToString(); it just outputs

http://localhost:4567/Test/Callback

How can I get the full url send to the server?

I's say this is a pretty basic question and you'd probably get a greater benefit from researching this yourself than asking here. — DavidG, Sep 30 '14 at 09:17
Sorry, I also need to get the url:"http://localhost:4567/Test/Callback#state=test&access_token=...." — Holding Fish, Sep 30 '14 at 09:21
@DmitryBychenko: No, the hash isn't send to the server. Hence, there is no use in your substring. — Patrick Hofman, Sep 30 '14 at 09:51

score 17 · Accepted Answer · answered Sep 30 '14 at 09:36

17

You can't.

There is a big difference between hash (#) and query string (?). The query string is send to the server, the hash isn't.

So the url send to the server is: http://localhost:4567/Test/Callback.

The only option you have to get the 'hash' to the server is by using a query string:

http://localhost:4567/Test/Callback?state=test&access_token=...

answered Sep 30 '14 at 09:36

Patrick Hofman

153,850
22
249
325

2

Correct! Fiddler doesn't even allow to use the # symbol in GET requests. – Faris Zacina Sep 30 '14 at 09:41
You are right about that. Thanks for the confirmation. – Patrick Hofman Sep 30 '14 at 09:42
Thanks, This is google OAuth callback, so I can't edit it. – Holding Fish Sep 30 '14 at 09:47
Then there is no way to get it, without some javascript crap. – Patrick Hofman Sep 30 '14 at 09:48

Jamie · Answer 2 · 2014-09-30T11:17:28.680

8

var uri = new Uri("http://localhost:4567/Test/Callback#state=test&access_token=....");

// Contains the query
uri.Fragment

Results in:

#state=test&access_token=....

Edit:

To get the current url of website use:

Request.Url.AbsoluteUri;

In the Request.Url is all the information of the current page and in Request.UrlReffer everything from the previous page.

Note: Request.UrlReferrer is null when there is no previous request (from your website)

edited Sep 30 '14 at 11:17

answered Sep 30 '14 at 09:17

Jamie

3,031
5
36
59

Thanks, I need to get the current url : "http://localhost:4567/Test/Callback#state=test&access_token=...." – Holding Fish Sep 30 '14 at 09:22
See my revised answer – Jamie Sep 30 '14 at 09:27
Request.Url.ToString(); just can get "http://localhost:4567/Test/Callback" – Holding Fish Sep 30 '14 at 09:28
You are looking for: Uri.AbsoluteUrl – Jamie Sep 30 '14 at 11:16
I'm afraid the Request.Url.AbsoluteUri will only get the URL (http://localhost:4567/Test/Callback), not the hashed values. The fragment will be blank if you took your URL from the Request.Url.AbsoluteUri. Please refer to Patrick's answer. – Josh Harris Oct 01 '19 at 14:16

score 2 · Answer 3 · answered Sep 30 '14 at 09:17

2

var url=@"http://localhost:4567/Test/Callback#state=test";
var uri = new Uri(url);
var result = uri.Fragment;

answered Sep 30 '14 at 09:17

Giannis Paraskevopoulos

18,261
1
49
69

score 1 · Answer 4 · answered Sep 30 '14 at 09:26

1

Others have already posted answers to your specific problem.

But it seems like you are developing an ASP.NET website so you should consider using the standard ? instead of # to prefix your query string.

This will allow you to use built-in methods and properties for processing the query string and avoid custom error-prone string processing:

string queryString = Request.Url.Query; // gives you "state=test&access_token=...."

or access it as a NameValueCollection:

string state = Request.QueryString["state"]; // gives you "test"

answered Sep 30 '14 at 09:26

Saeb Amini

23,054
9
78
76

For some reason, OAuth providers seem to return a fragment (#) containing the access token, instead of using a query string (?). I've seen the issue in ForgeRock, and it looks like the Google OAuth works the same way. I have no idea why they settled on this as a standard. – GalacticCowboy Jun 18 '21 at 14:30
@GalacticCowboy the reason is increased security. `#` fragments solely exist client-side and are not transferred over the network, and because the specific OAuth flow you are using is meant for client-side apps (implicit flow I'm guessing), there is no need for the server to access it anyway, so it makes sense. See [this](https://stackoverflow.com/questions/16733863/oauth2-0-implicit-grant-flow-why-use-url-hash-fragments) for a bit more info. There's also the authorization code flow (now recommended everywhere) you could use where the server gets the access token instead. – Saeb Amini Jun 20 '21 at 23:41

score 1 · Answer 5 · answered Sep 30 '14 at 09:29

1

you can use javascript to get the full link then pass it to the code behind

<script language="javascript" type="text/javascript">

    function JavaScriptFunction() {
        document.getElementById('<%= hdnResultValue.ClientID %>').value = document.URL;
    }

</script>

<asp:HiddenField ID="hdnResultValue" Value="0" runat="server" />
        <asp:Button ID="Button_Get" runat="server" Text="run" OnClick="Button_Get_Click" OnClientClick="JavaScriptFunction();" />

then from the code behind get the value of hiddenfield which contains the current full URL

protected void Button_Get_Click(object sender, EventArgs e)
{
   string fullURL = hdnResultValue.Value;
   string URl = fullURL .Substring(fullURL .IndexOf('#') + 1);
}

good luck

answered Sep 30 '14 at 09:29

Ahmed Mandour

330
1
8

This is a C# tagged question. You do not know if this within a context of a web environment. It could be a console app calling an api or something. – Giannis Paraskevopoulos Sep 30 '14 at 09:30
1

i think that the comments below other answers says that it's a web-based question – Ahmed Mandour Sep 30 '14 at 09:33
Sorry, but i only see comments about asking for the url too. Never mentioned a web environment. – Giannis Paraskevopoulos Sep 30 '14 at 09:36
a bit late, but there is an 'asp.net' tag, so it looks to be about a web environment – Max Nov 25 '22 at 10:58

How can I get fragment value from server side?

5 Answers5

Linked

Related